A Code Quality Problem in Washington State Puts Dangerous Criminals Back on the Street

by

We always hear about issues with systems, applications, or services caused by poor code quality or missed defects, but what happens when these problems become life threatening? Recently an article posted by npr discussed the early release of dangerous prisoners who are now being charged for murder. According to the article, Governor Jay Inslee of Washington State reported that more than 3,200 prisoners were released early due to a software defect.

This was not a result of good behavior, but rather an issue caused by a software glitch within the Department of Corrections. As reported by the governor’s general counsel, Nick Brown, approximately 3% of the occurrences since 2002 should not have been allowed. This software glitch has gone unnoticed for more than 10 years and as a result dangerous criminals have made their way back into society.

Missed Defects Have Negative Consequences

A defect in the software used to calculate early release resulted in good behavior credits being applied to inmates. These inmates were not supposed to receive the credits and as a result were allowed out early. The issue was flagged more than three years ago when a family was notified about the early release of a dangerous perpetrator. Nick went on to explain that the family calculated the date themselves and contacted the department about the miscalculation.

After the software defect was noticed in 2012, the issue remained in tact because the department did not take measures to fix the problem. The issue was brought to the governor’s attention in December of 2015, who immediately began working to resolve the issue. Washington State has now implemented damage control measures to prevent any further complications. Until the defect can be fixed, all calculations will be performed by hand to ensure prisoners are released at the appropriate time.

Measures Must Be Taken to Ensure Software Quality

Unfortunately the unresolved issue has resulted in extensive damage with one criminal being charged for vehicular homicide after release and another charged with first-degree murder. There is immense concern about what will be uncovered as state officials continue to research committed crimes by these individuals. Convicts who have not committed a crime are safe, but state officials are taking measures to get inmates back into custody.

Poor quality has been a consistent problem for companies, but increases the concern when it puts the public in danger. It is time to take further measures to assess software quality and ensure dependability. Whether the state was unable to locate the problem or simply ignored it is up for debate. Regardless, this situation raises the question: Is this happening in other locations and what should be done?

If the State of Washington had fixed the problem sooner, dangerous criminals would not have been allowed to roam free. Code analysis tools are a dependable approach to identifying and resolving harmful software defects. The bottom line: proper code analysis would have aided in identifying the problem and saved lives. This is an extreme example of what can happen when software defects are not taken seriously. What are your thoughts on this dangerous, high profile example?

References:

http://www.npr.org/2016/01/01/461700642/computer-glitch-leads-to-mistaken-early-release-of-prisoners-in-washington

Get the Pulse Newsletter  Sign up for the latest Software Intelligence news Subscribe Now <>
Open source is part of almost every software capability we use today. At the  very least libraries, frameworks or databases that get used in mission critical  IT systems. In some cases entire systems being build on top of open source  foundations. Since we have been benchmarking IT software for years, we thought  we would set our sights on some of the most commonly used open source software  (OSS) projects. Software Intelligence Report <> Papers
In our 29-criteria evaluation of the static application security testing (SAST)  market, we identified the 10 most significant vendors — CAST, CA Veracode,  Checkmarx, IBM, Micro Focus, Parasoft, Rogue Wave Software, SiteLock,  SonarSource, and Synopsys — and researched, analyzed, and scored them. This  report shows how each measures up and helps security professionals make the  right choice. Forrester Wave: Static Application Security Testing, Q4 2017  Analyst Paper
This study by CAST reveals potential reasons for poor software quality that  puts businesses at risk, including clashes with management and little  understanding of system architecture. What Motivates Today’s Top Performing  Developers Survey
Pete Pizzutillo VP Corporate Marketing at CAST
Pete Pizzutillo is Vice President of Corporate Marketing at CAST. He is responsible for leading the integrated marketing strategies (digital and social media, public relations, partners, and events) to build client engagement and generate demand. He passionately believes that the industry has the knowledge, tools and capability such that no one should lose customers, revenue or damage their brand (or career) due to poor software. Pete also oversees CAST’s product marketing team whose mission is to help organizations understand how Software Intelligence supports this belief. Prior to CAST, Pete oversaw product development and product management for an estimating and planning software company in the Aerospace and Defense market. He has worked in several industries in various marketing roles and started his career as an advertising agency art director. He is a graduated of The Pennsylvania State University with degrees in Business Administration and Art. Pete lives in New Jersey with his wife and their four children. You can connect with Pete on LinkedIn or Twitter: @pizzutillo.
Load more reviews
Thank you for the review! Your review must be approved first
Rating
New code

You've already submitted a review for this item

|